<?php
	session_start();

	//restrict page access
	if(!isset($_SESSION['user']))
	{
		header('Location:index.php');
		exit;
	}

	if(isset($_POST['submit']))
	{
		include("std_dbs.php");
	
		$movtitle = addslashes($_POST['movtitle']);
		$movyear = addslashes($_POST['movyear']);
		$movbudget = addslashes($_POST['movbudget']);
		$movruntime = addslashes($_POST['movruntime']);
		$movdesc = addslashes($_POST['movdesc']);
		$movtrailer = addslashes($_POST['movtrailer']);

		if($movtitle=='')
			$message = "You must enter a title!";
		else
		{

                $userId = $_SESSION['userid'];
                
				//Handle file upload
				if (
				($_FILES["file"]["type"] == "image/gif")
				|| ($_FILES["file"]["type"] == "image/jpeg")
				|| ($_FILES["file"]["type"] == "image/pjpeg")
				|| ($_FILES["file"]["type"] == "image/png")
				) {
  					if ($_FILES["file"]["error"] > 0) {
    					$message .= "Return Code: " . $_FILES["file"]["error"] . "<br />";
    				}
  					else {
    					//echo "Upload: " . $_FILES["file"]["name"] . "<br />";
    					//echo "Type: " . $_FILES["file"]["type"] . "<br />";
    					//echo "Size: " . ($_FILES["file"]["size"] / 1024) . " Kb<br />";
    					//echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br />";
						//remove spaces
						$nname = str_replace(" ", "", $_FILES["file"]["name"]);
    					if (file_exists("content/covers/" . $nname)) {
      						$message .= $nname . " cover already exists. ";
      					}
    					else {
    						//move temp file to directory
      						move_uploaded_file($_FILES["file"]["tmp_name"], "content/covers/" . $nname);
      						//echo "Stored in: " . "content/covers/" . $nname;
      						$imgcover = addslashes($nname);
      					}
    				}
  				}
				else {
  					$imgcover = "default.jpg";
  				}


                //build query
                $query ="INSERT INTO Movies (MOVID, MOVTITLE, SUBMITTERID, MOVDESC, MOVYEAR, PENDSTATUS, DATEADDED, IMGCOVER, TRAILER) VALUES (DEFAULT, '$movtitle', '$userId', 
'$movdesc', '$movyear', '1', SYSDATE, '$imgcover', '$movtrailer')";

                //Prepare and execute query
                $stid = oci_parse($connect, $query);
                $r = oci_execute($stid); 
		
		if (!$r)
                {
                	$e = oci_error($stid);  // For oci_execute errors pass the statement handle
                        print htmlentities($e['message']);
                        print "\n<pre>\n";
                        print htmlentities($e['sqltext']);
                        echo $e['message'];
                        printf("\n%".($e['offset']+1)."s", "^");
                        print  "\n</pre>\n";
                }

		oci_commit($stid);
		
		unset($_POST['submit']);
		$message .= "Your movie has been submitted for review, and will be added by an administrator soon.";
		}
	}



	$title = "Add A Movie";
	include('header.php');


?>
	
		<!-- start content -->
		<div id="content">
			<div class="post">
				<h1 class="title"><a href="#">Add A Movie</a></h1>
				<div class="entry">
					<font color='red'><?php echo $message . "<br />"; ?></font>
				* Indicates a required field<br />	
                <form name='addMovie' method='post' action='addmovie.php' enctype='multipart/form-data'>
                <table>
                	<tr>
                	    <td><label for="movtitle">Movie Title*:</label><br /><input type='text' name='movtitle' id='movtitle' /></td>
                	    <td><label for="movyear">Movie Year:<br /><input type='text' name='movyear' id='movyear' /></td>
                	</tr>
                	<tr>
                	    <td><label for="movbudget">Movie Budget:<br /><input type='text' name='movbudget' id='movbudget' /></td>
                	    <td><label for="movruntime">Movie Run Time:<br /><input type='text' name='movruntime' id='movruntime' /></td>
                	</tr>
					<tr>
						<td colspan="2"><label for="movdesc">Movie Description:</label><br /><!--<input type = 'text' name='movdesc' id='movdesc' /></td>-->
						<textarea name='movdesc' id='movdesc' cols=40 rows=6>Enter a summary of the movie here.</textarea></td>
					</tr>
					<tr>
						<td><label for="movtrailer">Paste a Youtube link to movie:</label><br /><input type="text" name="movtrailer" id="movtrailer" /></td>
					</tr>
					<tr>
						<td><label for="file">Upload a Movie Cover:</label><br /><input type="file" name="file" id="file" /></td>
					</tr>
        	</table>
        	<input type='submit' value='Add Movie' name='submit'></form>
				</div>
			</div>
		</div>
		<!-- end content -->
<?php include('footer.php'); ?>
